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1 Fast detection of communication patterns in distributed executions 
Thomas Kunz, Michlel F. H. Seuren 

Novennber 1997 Proceedings of the 1997 conference of the Centre for Advanced 
Studies on Collaborative research GASCON '97 

Publisher: IBM Press 

Full text available: ^ pdf(4.21 MB) Additional Information: full citation , abstract , references , index terms 

Understanding distributed applications is a tedious and difficult task. Visualizations based 
on process-time diagrams are often used to obtain a better understanding of the 
execution of the application. The visualization tool we use is Poet, an event tracer 
developed at the University of Waterloo. However, these diagrams are often very complex 
and do not provide the user with the desired overview of the application. In our 
experience, such tools display repeated occurrences of non-trivial commun ... 

2 Link and channel measurement: A simple mechanism for capturing and replaying 
wireless channels 
Glenn Judd, Peter Steenkiste 

August 2005 Proceeding of the 2005 ACM SIGCOMM workshop on Experimental 
approaches to wireless network design and analysis E-WIND '05 

Publisher: ACM Press 

Full text available: ^ pdf(6.06 MB) Additional Information: full citation , abstract , references , index terms 

Physical layer wireless network emulation has the potential to be a powerful experimental 
tool. An important challenge in physical emulation, and traditional simulation, is to 
accurately model the wireless channel. In this paper we examine the possibility of using 
on-card signal strength measurements to capture wireless channel traces. A key 
advantage of this approach is the simplicity and ubiquity with which these measurements 
can be obtained since virtually all wireless devices provide the req ... 

Keywords: channel capture, emulation, wireless 



3 Frontmatter (TOC. Letters. Election results. Software Reliability Resources!. 
^ Computing Curricula 2004 and the Software Engineering Volume SE2004. Software 
^ Reuse Research. ICSE 2005 Forward) 

July 2005 ACM SIGSOFT Software Engineering Notes, volume 30 issue 4 
Publisher: ACM Press 
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Special issue: Al in engineering 

D. Shram, R. Joobbani 

April 1985 ACM SIGART Bulletin, issue 92 

Publisher: ACM Press 

Full text available: ^ pdff8.79 MB) Additional Information: full citation , abstract 

The papers in this special Issue were compiled from responses to the announcement in 
the July 1984 issue of the SIGART newsletter and notices posted over the ARPAnet. The 
interest being shown in this area is reflected in the sixty papers received from over six 
countries. About half the papers were received over the computer network. 

Frontmatter (TOC. Letters. Philosophy of computer science. Interviewers needed. 
Taking software requirements creation from folklore to analysis. SW components and 
product lines: from business to systems and technology. Software engineering 
surve y) 

September 2005 ACM SIGSOFT Software Engineering Notes, volume 30 issue 5 
Publisher: ACM Press 

Full text available: ^ pdf(1.98 MB) Additional Information: full citation , index terms 



Computing curricula 2001 

September 2001 Journal on Educational Resources in Computing (JERIC) 
Publisher: ACM Press 

Full text available: pdf( 61 3.63 KB) ...... *• x ,, * * a * 

^^^^2JS KB) Additional Information: full citation , references , citings , index terms 



Workshop on compositional software architectures: workshop rep ort 
May 1998 ACM SIGSOFT Software Engineering Notes, volume 23 issue 3 
Publisher: ACM Press 

Full text available: ^ pdf(2.91 MB) Additional Information: full citation , index terms 



8 Automatic parsing for content analysis 
Frederick J. Damerau 

June 1970 Communications of the ACM, volume 13 issue 6 
Publisher: ACM Press 

Full text available: ^ pdf(4.07 MB) Additional Information: full citation , abstract , references , citings 

Although automatic syntactic and semantic analysis is not yet possible for all of an 
unrestricted natural language text, some applications, of which content analysis is one, do 
not have such a stringent coverage requirement. Preliminary studies show that the 
Harvard Syntactic Analyzer can produce correct and unambiguous identification of the 
subject and object of certain verbs for approximately half of the relevant occurences. This 
provides a degree of coverage for content analysis variable ... 

Keywords: content analysis, information retrieval, language analysis, natural language 
processing, parsing, syntactic analysis, text processing 



http://portal,acm.org/results.cfin?CFID=14940117&CFTOKEN=39199837«&adv=l&COLL=... 3/28/07 



Results (page 1): +certificate, +session H-key product, serial number, type, category Page 3 of 6 



9 Frontmatter (TOC. Miscellaneous material) 
^ ACM SIGSOFT Software Engineering Notes staff 

s/ November 2006 ACM SIGSOFT Software Engineering Notes, volume 3i issue 6 
Publisher: ACM Press 

Full text available: ^ pdf(1.25MB) Additional Information: full citation 



'lo A methodology for analyzing the performance of authentication protocols 

#Alan Harbitter, Daniel A. Menasce 
November 2002 ACM Transactions on Information and System Security (TISSEC), 

Volume 5 Issue 4 
Publisher: ACM Press 

Full text available: ^ pdf(1.25 MB) Additional Information: full citation , abstract , references , index terms 

Performance, in terms of user response time and the consumption of processing and 
communications resources, is an important factor to be considered when designing 
authentication protocols. The mix of public key and secret key encryption algorithms 
typically included in these protocols makes It difficult to model performance using 
conventional analytical methods. In this article, we develop a validated modeling 
methodology to be used for analyzing authentication protocol features, and we use two ... 




Keywords: Authentication, Kerberos, mobile computing, performance modeling, proxy 
servers, public key cryptography 



COCA: A secure distributed online certification authorit y 
Lidong Zhou, Fred B. Schneider, Robbert Van Renesse 

November 2002 ACM Transactions on Computer Systems (TOCS), volume 20 issue 4 
Publisher: ACM Press 

Full text available- ISl pdf( 448 28 KB) Additional Information: full citation , abstract , references , citing s, index 
*^ terms 

COCA is a fault-tolerant and secure online certification authority that has been built and 
deployed both in a local area network and in the Internet. Extremely weak assumptions 
characterize environments in which COCA's protocols execute correctly: no assumption is 
made about execution speed and message delivery delays; channels are expected to 
exhibit only intermittent reliability; and with 3t + 1 COCA servers up to t may be faulty or 
compromised. COCA is the first system to integr ... 

Keywords: Byzantine quorum systems. Certification authority, denial of service, 
proactive secret-sharing, public key infrastructure, threshold cryptography 



12 Security: Privacy protection for signed media files: a separation-of-dutv approach to Q 
^ the lightweight DRM (LWDRM) system 
^ Rudiger Grimm, Patrick Aichroth 

September 2004 Proceedings of the 2004 workshop on Multimedia and security 
MM&Sec '04 

Publisher: ACM Press 

Full text available: Q pdf(256.47 KB) Additional Information: full citation , abstract , references , index terms 

The aim of strong digital rights management (DRM) is to enforce usage rules in end-user 
devices on behalf of content providers. Strong DRM is not well accepted by customers. 
Moreover, strong DRM is repeatedly circumvented and broken. Since Napster (and all its 
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Peer-to-Peer follow-ups), the Internet is flooded with illegal digital content. We introduce 
the LWDRM technology as an alternative model. LWDRM relies on responsible behavior of 
customers. However, LWDRM contains a privacy problem, in tha ... 

Keywords: LWDRM, light weight digital rights management, privacy, pseudonyms, 
separation of duty, virtual goods 



13 Authentication and signature schemes: On the performance, feasibility, and use of 
^ forward-secure signatures 

^ Eric Cronin, Suglh Jamin, Tal Malkin, Patrick McDaniel 

October 2003 Proceedings of the 10th ACM conference on Computer and 

communications security CCS '03 
Publisher: ACM Press 

I- II* ;* I ui ^ CH l✓r>^ Additional Information: full citation , abstract , references , citings , index 

Full text available: TO pdf(386.51 KB) ' ' 

terms 

Forward-secure signatures (FSSs) have recently received much attention from the 
cryptographic theory connmunity as a potentially realistic way to nnitigate many of the 
difficulties digital signatures face with key exposure. However, no previous works have 
explored the practical performance of these proposed constructions in real-world 
applications, nor have they compared FSS to traditional, non-forward-secure, signatures 
in a non-asymptotic way. We present an empirical evaluation of several FSS sch ... 

Keywords: digital signatures, forward-secure signatures 



14 The model, lan g uag e, and im plementation of an object-oriented multinnedia 
^ knowled g e base management system 

^ Hiroshi Ishikawa, Fumio Suzuki, Fumihiko Kozakura, Akifumi Makinouchi, Mika Miyagishima, 
Yoshio Izumida, Masaaki Aoshima, Yasuo Yamane 

March 1993 ACM Transactions on Database Systems (TODS), volume is issue i 
Publisher: ACM Press 

Full text available* 1?1 pdf(3 23 MB) Additional Information: full citation , abstract , references , citings , index 
. ^ terms , review 

New applications such as CAD, AI, and hypermedia require direct representation and 
flexible use of complex objects, behavioral knowledge, and multimedia data. To this end, 
we have devised a knowledge base management system called Jasmine, An object- 
oriented approach in a programming language also seems promising for use in Jasmine. 
Jasmine extends the current object-oriented approach and provides the following 
features. Our object model is based on functional data models and well-establis ... 

15 S pecial feature: Report on a working session on security in wireless ad hoc networks 
Levente Buttyan, Jean-Pierre Hubaux 

January 2003 ACM SIGMOBILE Mobile Computing and Communications Review, volume 

7 Issue 1 
Publisher: ACM Press 

Full text available: ^ pdf(2.50 MB) Additional Information: full citation , references , citings 



Data base directions: the next ste ps 
John L. Berg 

November 1976 ACM SIGMOD Record , ACM SIGMIS Database, volume 8 , 8 issue 4 , 2 
Publisher: ACM Press 
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Full text available: ^ pdf(9.95 MB) Additional Information: full citation , abstract , citings 

What information about data base technology does a manager need to make prudent 
decisions about using this new technology? To provide this Information the National 
Bureau of Standards and the Association for Computing Machinery established a workshop 
of approximately 80 experts in five major subject areas. The five subject areas were 
auditing, evolving technology, government regulations, standards, and user experience. 
Each area prepared a report contained in these proceedings. The proceedings p ... 

Keywords: DBMS, auditing, cost/benefit analysis, data base, data base management, 
government regulation, management objectives, privacy, security, standards, technology 
assessment, user experience 



17 A model of OASIS role-based access control and its su p port for active security 
Jean Bacon, Ken Moody, Walt Yao 

November 2002 ACM Transactions on Information and System Security (TISSEC), 

Volume 5 Issue 4 
Publisher: ACM Press 

Full text available* Ddf(352 06 KB) Additional Information: full citation , abstract , references , citings, index 
* »^ : terms 

OASIS is a role-based access control architecture for achieving secure interoperation of 
services In an open, distributed environment. The aim of OASIS is to allow autonomous 
management domains to specify their own access control policies and to interoperate 
subject to service level agreements (SLAs). Services define roles and implement formally 
specified policy to control role activation and service use; users must present the required 
credentials, in an appropriate context, In order to activat ... 

Keywords: Certificates, OASIS, RBAC, distributed systems, policy, role-based access 
control, service-level agreements 



18 Walter Carlson interview: November 26-27, 2005: Los Gates, California 

# Thomas Haigh 
January 2006 ACM Oral History interviews 

Publisher: ACM Press 

Full text available: ^ pdf(364.63 KB) Additional Information: full citation , abstract 

Walter Carlson discusses his entire career in the computing field. Born in Denver in 1916, 
Carlson studied Chemical Engineering at the University of Colorado, gaining both 
bachelors and masters degrees in Chemical Engineering. On graduation Carlson went to 
work for DuPont, where he worked as part of the corporate Engineering Department to 
improve industrial processes in different plants. In 1954 his involvement in a feasibility 
study to investigate computer procurement won Carlson a j ... 



19 The automated production control documentation system: a case study in cleanroom 
^ software engineering 

^ Carmen J. Trammell, Leon H. Binder, Cathrine E. Snyder 

January 1992 ACM Transactions on Software Engineering and Methodology (TOSEM), 

Volume 1 Issue 1 
Publisher: ACM Press 

Full text available* IS pdf(900 71 KB) Additional Information: full citation , abstract , references , citings, index 
■ \^ terms , review 

A prototype software system was developed for the U.S. Naval Underwater Systems 
Center(NUSC) as a demonstration of the Cleanroom Software Engineering methodology. 
The Cleanroom method is a team approach to the incremental development of software 
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under statistical quality control. Cleanroom's formal methods of Box Structure 
specification and design, functional verification, and statistical testing were used by a 
four-person team to develop the Automated Production Control Documentation(APCOD ... 

Keywords: box structures, cleanroom software engineering, statistical quality control, 
statistical testing 



20 Practice: Cybercrime, identity theft, and fraud: practicing safe internet - network 
^ security threats and vulnerabilities 
^ Robert C. Newman 

September 2006 Proceedings of the 3rd annual conference on Information security 
curriculum development InfoSecCD '06 

Publisher: ACM Press 

Full text available: 'g pdf(123.56 KB) Additional Information: full citation , abstract , references , index terms 

Computer networks and computer systems are experiencing attacks and threats from 
many areas. Threats are also extended to Include the Individual user's computer assets 
and resources. Information will be presented on the categories of security and privacy 
threats, integrity threats, vulnerabilities, delay and denial threats, and Intellectual 
property threats that are being directed towards corporate, educational, governmental, 
and individual assets. 



Keywords: cybercrime, identity theft, internet fraud 
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1 Short papers poster session 2: A trustworthy end-to-end key nrtanagement schenne Q 
^ for digital rights management 

^ Junil Kim, Yeonjeong Jeong, Kisong Yoon, Jaecheol Ryou 

October 2006 Proceedings of the 14th annual ACM international conference on 
Multimedia MULTIMEDIA '06 

Publisher: ACM Press 

Full text available: ^ pdf(269.86 KB) Additional Information: full citation , abstract , references , index terms 

Current studies on Digital Rights Management (DRM) have focused on security and 
encryption as a means of solving the issue of Illegal copying by purchasers. In this paper, 
we propose an end-to-end key management scheme that can cover a content protection 
on the overall value-chains of content distribution. The proposed scheme can protect 
digital content from attacks since an encrypted content is sent by a first package server 
and only DRM client can decrypt the encrypted digital content. It make ... 

Keywords: DRM, content protection, key management 

2 Security: Privacy protection for signed media files: a separation-of-duty a p proach to Q 
^ the lightweight DRM (LWDRM) system 

Rudiger Grimm, Patrick Aichroth 

September 2004 Proceedings of the 2004 workshop on Multimedia and security 
MM&Sec'04 

Publisher: ACM Press 

Full text available: ^ pdf(256.47 KB) Additional Information: full citation , abstract , references , index terms 

The aim of strong digital rights management (DRM) is to enforce usage rules in end-user 
devices on behalf of content providers. Strong DRM is not well accepted by customers. 
Moreover, strong DRM Is repeatedly circumvented and broken. Since Napster (and all its 
Peer-to-Peer follow-ups), the Internet is flooded with illegal digital content. We introduce 
the LWDRM technology as an alternative model. LWDRM relies on responsible behavior of 
customers. However, LWDRM contains a privacy problem, in tha ... 

Keywords: LWDRM, light weight digital rights management, privacy, pseudonyms, 
separation of duty, virtual goods 



DRM experience: Digital rights mana g ement in a 3G mobile phone and beyond 



http://portaLacm.org/results.cfm?coll=ACM&dl=ACM&CFID= 1 4940 1 1 7&CFTOKEN=3 91... 3/28/07 



Results (page 1): certificate, session key, "digital rights management" 



Page 2 of? 



Thomas S. Messerges, Ezzat A. Dabbish 

October 2003 Proceedings of the 3rd ACM workshop on Digital rights management 
DRM '03 

Publisher: ACM Press 

I- II * ^ I ui 01 jf/onc cn lyov Additional Information: full citation , abstract , references , citings , index 
Full text available: TO pdT(3QD.o9 KB) ' 

i^'^ terms 

In this paper we examine how copyright protection of digital itenns can be securely 
managed in a 3(5 mobile phone and other devices. First, the basic concepts, strategies, 
and requirements for digital rights management are reviewed. Next, a framework for 
protecting digital content in the embedded environment of a mobile phone is proposed 
and the elements in this system are defined. The means to enforce security in this system 
are described and a novel "Family Domain" approach to content management ... 

Keywords: MPEG-21, copyright protection, cryptography, digital content, digital rights 
management, embedded system, key management, mobile phone, open mobile alliance, 
security 



4 Applications and compliance: Virtual monotonic counters and count-limited objects Q 

^ using a TPM without a trusted OS 

Luis F. G. Sarmenta, Marten van Dijk, Charles W. O'Donnell, Jonathan Rhodes, Srinivas 
Devadas 

November 2006 Proceedings of the first ACM workshop on Scalable trusted computing 
STC'06 

Publisher: ACM Press 

Full text available: ^pdf(447.59 KB) Additional Information: full citation , abstract , references , index terms 

A trusted monotonic counter is a valuable primitive that enables a wide variety of highly 
scalable offline and decentralized applications that would otherwise be prone to replay 
attacks, including offline payment, e-wallets, virtual trusted storage, and digital rights 
management (DRM). In this paper, we show how one can implement a very large number 
of virtual monotonic counters on an untrusted machine with a Trusted Platform Module 
(TPM) or similar device, without relying on a trusted OS ... 

Keywords: certified execution, e-wallet memory integrity checking, key delegation, 
stored-value, trusted storage 



5 Architechture: Towards an open, trusted digital rights management platform 
Andrew Cooper, Andrew Martin 

October 2006 Proceedings of the ACM workshop on Digital rights management DRI^ 
'06 

Publisher: ACIVI Press 

Full text available: ^pdf(417.51 KB) Additional Information: full citation , abstract , references , index terms 

Trusted computing has received criticism from those who fear it will be used by influential 
market forces to exert power over the software used on consumer platforms. This paper 
describes an open architecture for digital rights management (DRM) enforcement on 
trusted computing platforms that empowers the consumer to select their operating- 
system and applications, including open-source options, without weakening the strength 
of the security functions. A key component in the architecture is a secu ... 

Keywords: DRM, digital rights management, mandatory access controls, trusted 
computing, virtual machines 
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DRM usability and legal issues: Import/export in digital rights mana g ement 
Reihaneh Safavi-Naini, Nicholas Paul Sheppard, Takeyuki Uehara 

October 2004 Proceedings of the 4th ACM workshop on Digital rights management 
DRI^ '04 

Publisher: ACM Press 

c II* ^ I ui 01 ^«o^4cni^D\ Additional Information: full citation , abstract , references , citings , index 

Full text available: tg pdf(211.60 KB) ' ^ 

terms 

The inherently controlled nature of digital rights management systems does little to 
promote inter-operability of systems provided by different vendors. In this paper, we 
consider import and export functionality by which multimedia protected by one digital 
riglits management regime can be made available to a multimedia device that supports a 
different digital rights management regime, without compromising the protection afforded 
to the content under the original regime. We first identify speci ... 

Keywords: digital rights management, export, import, inter-operability 



7 Full papers (written in English): Prototyping a novel platform for free-trade of di g ital | 
content 

Renan G. Cattelan, Shan He, Darko Kirovski 

November 2006 Proceedings of the 12th Brazilian symposium on Multimedia and the 
web WebMedia '06 

Publisher: ACM Press 

Full text available: ^pdf( 502.96 KB ) Additional Information: full citation , abstract , references , index terms 

The widespread use of mobile, personal computing devices, together with recent advances 
in wireless communication technologies, pose a myriad of new opportunities for 
leveraging the commerce of digital goods. We envision a novel platform for the free-trade 
of digital content where users are allowed to market and resell copies of digital content to 
others in their wireless vicinity. By keeping significant part of the revenues, users are 
likely to drive the sales for their and copyright holders' e ... 

Keywords: digital content trading, electronic commerce, mobile commerce, mobile 
electronic marketing, off-line economies, viral marketing, word-of-mouth 



Terra: a virtual machine-based platform for trusted computing | 
Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh 

October 2003 ACM SIGOPS Operating Systems Review , Proceedings of the nineteenth 
ACM symposium on Operating systems principles SOSP '03, volume 37 issue 

5 

Publisher: ACM Press 

Full text available: ffi pdf(140.31 KB) Additional Information: full citation , abstract, references , citings. Mex 
^ terms 

We present a flexible architecture for trusted computing, called Terra, that allows 
applications with a wide range of security requirements to run simultaneously on 
commodity hardware. Applications on Terra enjoy the semantics of running on a separate, 
dedicated, tamper-resistant hardware platform, while retaining the ability to run side-by- 
side with normal applications on a general-purpose computing platform. Terra achieves 
this synthesis by use of a trusted virtual machine monitor (TVMM ... 

Keywords: VMI^, attestation, authentication, trusted computing, virtual machine, virtual 
machine monitor 
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Architechture: Towards a secure and interoperable DRM architecture 
Gelareh Taban, Alvaro A. Cardenas, Virgil D. Gligor 

October 2006 Proceedings of the ACM workshop on Digital rights management DRM 
'06 

Publisher: ACM Press 

Full text available: ^ pdf(442.79 KB) Additional Information; full citation , abstract , references , index terms 

In this paper we lool< at the problem of interoperability of digital rights management 
(DRM)systems in home networks. We Introduce an intermediate module called the 
Domain Interoperability Manager (DIM) to efficiently deal with the problem of content and 
license translation across different DRM regimes. We also consider the threat model 
specific to interoperability systems, and introduce threats such as the cross-compliancy 
and splicing attacks. We formalize the adversary model and define securit ... 

Keywords: DRM, home networks, interoperability 



10 Security in embedded systems: Design challenges 

Srivaths Ravi, Anand Raghunathan, Paul Kocher, Sunil Hattangady 

August 2004 ACM Transactions on Embedded Computing Systems (TECS), Volume 3 issue 

3 

Publisher: ACM Press. 

Full text available- Hi pdf{3 67 IVIB). Additional Information: full citation , abstract , references , citings, index 
' ^ I ™ terms, review 

Many modern electronic systems— including personal computers, PDAs, cell phones, 
network routers, smart cards, and networked sensors to name a few— need to access, 
store, manipulate, or communicate sensitive information, making security a serious 
concern in their design. Embedded systems, which account for a wide range of products 
from the electronics, semiconductor, telecommunications, and networking industries, face 
some of the most demanding security concerns— on the one hand, they are oft ... 

Keywords: Embedded systems, architecture, authentication, battery life, cryptographic 
algorithms, decryption, encryption, hardware design, processing requirements, security, 
security attacks, security protocols, tamper resistance 



11 Information protection nnethods: Display-only file server: a solution against 
in formation theft due to insider attack 
Yang Yu, Tzi-cl<er Chiueh 

October 2004 Proceedings of the 4th ACM workshop on Digital rights management 
DRM '04 

Publisher: ACM Press 

Full text available: ^ pdf(31 1 .80 KB) Additional Information: full citation , abstract , references , index terms 

Insider attack is one of the most serious cybersecurity threats to corporate America. 
Among all insider threats, information theft is considered the most damaging in terms of 
potential financial loss. Moreover, it is also especially difficult to detect and prevent, 
because in many cases the attacker has the proper authority to access the stolen 
information. According to the 2003 CSI/FBI Computer Crime and Security Survey, theft of 
proprietary information was the single largest category of los ... 

Keywords: access, digital rights management, information theft, insider attack 
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Trustworthy systems: Property-based attestation for computing platforms: caring 
about pro perties, not mechanisms 
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j< Ahmad-Reza Sadeghi, Christian Stuble 

^ September 2004 Proceedings of the 2004 workshop on New security paradigms NSPW 
'04 

Publisher: ACM Press 

Full text available: 'g pdf(222.19 KB) Additional Information: full citation , abstract , references , citings 

Over the past years, the computing industry has started various initiatives announced to 
increase computer security by means of new hardware architectures. The most notable 
effort is the Trusted Computing Group (TCG) and the Next-Generation Secure Computing 
Base (NGSCB). This technology offers useful new functionalities as the possibility to verify 
the Integrity of a platform (attestation) or binding quantities on a specific platform 
(sealing). In this paper, we point out the deficiencies of the ... 

Systems and architectures: A DRM security architecture for honne networks Q 
^ Bogdan C. Popescu, Bruno Crispo, Andrew S. Tanenbaum, Frank L.A.J. Kamperman 
>^ October 2004 Proceedings of the 4th ACM workshop on Digital rights management 
DRI^ '04 

Publisher: ACM Press 

Full text available- 153 pdf(222 46 KB) Additional Information: full citation , abstract , references , citings, index 
. Ly- = I terms 

This paper describes a security architecture allowing digital rights management in home 
networks consisting of consumer electronic devices. The idea is to allow devices to 
establish dynamic groups, so called "Authorized Domains", where legally acquired 
copyrighted content can seamlessly move from device to device. This greatly improves 
the end-user experience, preserves "fair use" expectations, and enables the development 
of new business models by content providers. Key to our design is a hyb ... 

Keywords: DRM architectures, compliant CE devices, digital content protection 

''^ D i gital multimedia book: From digital audiobook to secure digital multimedia-book Q 

Lavinia Egidi, Marco Furini 
V July 2006 Computers in Entertainment (CIE), volume 4 issue 3 

Publisher: ACM Press 

Full text available: ^ pdf(364.18 KB) Additional Information: full citation , abstract , references , index terms 

Portable devices and wireless connections are creating a new scenario in which digital 
information is entering our lives in a massive way. In this article we consider MP3 
audiobook applications and propose an approach to completely restyle the applications to 
the current mobile and multimedia scenario. Our mechanism introduces multimedia 
contents (images and text) into the audiobook application and synchronizes them with the 
MPS audio stream. Multimedia contents are protected by a security syste ... 

Keywords: multimedia applications, multimedia communications, multimedia over 
wireless, music distribution 
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XrML (extensible rights Markup Language) is an XML-based language for digital rights 
management (DRM), providing a universal method for specifying rights and conditions 
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associated with the use and protection of digital content and services. Originally 
developed at Xerox's Palo Alto Research Center (PARC), the specification facilitates the 
creation of an open architecture for digital rights management of content or services. It 
can be integrated with both existing and new DRM systems. XrML is a g ... 

Keywords: DRM, XML, content distribution and usage, digital rights management, rights, 
specification languages, standards 
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The growing number of instances of breaches in information security in the last few years 
has created a compelling case for efforts towards secure electronic systems. Embedded 
systems, which will be ubiquitously used to capture, store, manipulate, and access data of 
a sensitive nature, pose several unique and interesting security challenges. Security has 
been the subject of intensive research in the areas of cryptography, computing, and 
networking. However, despite these efforts, security is ... 

Keywords: PDAs, arcliitectures, battery life, cryptography, design, design 
metliodologies, digitai rigfits management, embedded systems, performance, security, 
security processing, security protocols, sensors, software attacks, tamper resistance, 
trusted computing, viruses 
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terms 

In this paper, we introduce the family of UCON^g^ models for usage control (UCON), 

which integrate Authorizations (A), oBligations (B), and Conditions (C), We call these core 
models because they address the essence of UCON, leaving administration, delegation, 
and other important but second-order issues for later work. The term usage control is a 
generalization of access control to cover authorizations, obligations, conditions, continuity 
(ongoing controls), and mutability. Trad ... 

Keywords: access control, digital rights management, privacy, trust, usage control 
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Interactive television (ITV) is an evolutionary merging of digital TV and the internet. ITV 
technology offers new powerful ways for consumers to interact with content and service 
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providers. In Europe, iTV has gained significant traction during tlie turn of the century. 
For example, about 500,000 viewers signed up for SkyDigital's email service during 2000. 
In another example, Nickelodeon's "Watch Your Own Week" voting application was 
available to SkyDigital viewers during Oct 22-27 2001. While on ... 

Keywords: QuickTime, avi, broadcast, compression, digital tv, gif, interactive tv, 
internet, media streaming, mp3, network file system, zip 
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October 2004 Proceedings of the 11th ACM conference on Computer and 
communications security CCS '04 

Publisher: ACM Press 

Full text available: "g] pdf(220.Q0 KB) Additional Information: full citation , abstract , references , index terms 

A forward-secure encryption scheme protects secret keys from exposure by evolving the 
keys with time. Forward security has several unique requirements in hierarchical identity- 
based encryption (HIBE) scheme: (1) users join dynamically; (2) encryption is joining- 
time-oblivious; (3) users evolve secret keys autonomously. 

We present a scalable forward-secure HIBE (fs-HIBE) scheme satisfying the above 
properties. We also show how our fs-HIBE scheme can be used to construct a forward- 
secure ... 

Keywords: ID-Based encryption, broadcast encryption, forward security 
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Publisher: Australian Computer Society, Inc. 

Full text available: ^ pdf(191.31 KB) Additional Information: full citation , abstract , references , index terms 

Robust technological enforcement of DRM licenses assumes that the prevention of direct 
access to the raw bit representation of decrypted digital content and the license 
enforcement mechanisms themselves is possible. This Is difficult to achieve on an open 
computing platform such as a PC. Recent trusted computing Initiatives namely, the 
Trusted Computing Group (TCG) specification, and Microsoft's Next Generation Secure 
Computing Base (NGSCB) aim in part to address this problem. The protection arc ... 
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[Paper] License Administration Mechanism for Multiple Devices in a „. 
The goals of this registration procedure are to register the DRM client identifier, the DRM 
client's certificate and the DRM client's device capability ... 
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Creating and Initializing a DRM Writer 

Encrypt the session key with the public key extracted from the certificate. Fill out a 
WMDRMJMPORTJNIT_STRUCT structure. ... 
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2. AES decryption with, symmetric session key. User Certificate. P2P Signaling ... It is not 
up to DRM technology to decide what, is legal, and what is not. ... 

web.cs.missouri.edu/'-zeng/CCNC05DRM/CCNC05_LWDRM_Aichroth.pdf - Similar pages 

Microsoft's Digital Rights Management Scheme - Technical Details 
Several key DLLs are kept in \windows\system that relate to the MS-DRM scheme. ... which 
make up an ECC encrypted random session key, and the remaining 88 ... 
cryptome.org/ms-drm.htm - 46k - Cached - Similar pa ges 

Digital rights management - US Patent 703601 1 

encrypting the random session key with the public key of the PKI key pair. ... the DRM 

determines if the digital certificate is valid by retrieving the copy ... 
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Windows Media DRM FAQ 
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Windows Media DRM FAQ 
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The licensing agreement explains how to get a device certificate. ... To learn more about 
Windows Media Player, see Windows Media Player Help. ... 
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